Autor: erick.bullier Data: Para: exim-users Assunto: [Exim] Exim and deny of service risk...
Hello,
I was yesterday at a conference about linux security.
One of the linux Security Consultant spook about the mail servers.
Postfix is the best (for security reasons) for him.
He say that there is possibility to block exim serveur (or to slow it down)
for a single user by sending a lot of packet at the same time.
The example was that postfix detect this and slow down the packet for this
user and allow the packet the another to pass simultaneously...
I believe that there is a specific directive in exim conf to fix that.
In fact, how run this directive, and does it prevent really this type of
situation...
I would like to receive a good formated answer (i can send it to the office of
this very famous french security consultant agency)...
I am little anxious, because my mail server run with exim (3.35) and supporte
a lot of mail account....
I tryed yesterday to defend Exim and its capabilitys, but it's very difficult
without real security arguments...